Purpose
This WS is designed to allow employee with appropriate scopes to create device definition in system.
Key points
This is a GraphQL query method used in Administration panel only.
Only authenticated and authorized employee with appropriate scope can create device definitions.
Device definition validations are also used in [NEW] (GraphQl) Upload Device definitions registry WS.
Specification
Authorize
Verify the validity of access token
Return (401, 'Invalid access token') in case of validation fails
Verify that token is not expired
in case of error - return (401, 'Invalid access token')
Check user scopes in order to perform this action (scope = 'device_definition:write')
Return (403, 'Your scope does not allow to access this resource. Missing allowances: device_definition:write') in case of invalid scope(s)
Validate legal entity
Extract client_id from token.
Check legal entity status (status = ACTIVE)
in case of error - return 409 ('client_id refers to legal entity that is not active.')
Check client type (type = NHS)
in case of error - return 403 ('You don't have permission to access this resource')
Validate request
Check that required fields according to specification are submitted
in case of error - return 422 ('In field <<field_name>>: Expected type <<field_type>>, found null.') where field_name - name of missing field, field_type - type of missing field
Check that no additional fields that do not correspond to schema are submitted
in case of error - return 422 ('In field <<field_name>>: Unknown field.') where field_name - name of additional field that does not correspond to schema
Check that each field in request corresponds to its type in specification
in case of error - return 422 ('In field <<field_name>>: Expected type <<field_type>>, found <<actual_value>>.') where field_name - name of error field, field_type - expected type of field, actual_value - value that was submitted to field
Validate device definition
Check that following field values exist in dictionaries:
$.classificationType
–device_classification_type
dictionary$.manufacturerCountry
–COUNTRY
dictionary$.packagingType
–device_definition_packaging_type
dictionary$.packagingUnit
–DEVICE_UNIT
dictionary$.deviceNames.type
–device_name_type
dictionary$.properties.type
–device_properties
dictionaryin case of error - return 422 ('value is not allowed in enum')
Check that there are no duplicated types within
$.deviceNames
($.deviceNames.type
must be unique within$.deviceNames
)in case of error - return 422 ('Values are not unique by 'type'.)
If
$.properties
is submitted, check that at least one of$.value[X]
field is submitted in each objectin case of error - return 422 ('One and only one key is allowed from the list')
If
$.properties
is submitted, check that only one$.value[X]
field is submitted in each objectin case of error - return 422 ('One and only one key is allowed from the list')
If
$.parentId
is submitted, check device definition exists and is active record in https://e-health-ua.atlassian.net/wiki/spaces/RMDN/pages/17670504863/UPD+Device+definition+data+model#Device-definition table in PRM DBin case of error - return 422 ('Parent device definition is not found.')
If
$.externalId
is submitted, check that does not exist active device definition with the same external_idin case of error - return 422 ('Active device definition with the same external_id already exists.')
Check that does not exist active device definition with the same combination of fields
$.classificationType
,$.manufacturerName
,$.modelNumber
,$.packagingCount
,$.partNumber
in case of error - return 422 ('Active device definition with the same classification_type, manufacturer_name, model_number, packaging_count, part_number already exists.')
Service logic
Save data to device_definitions and device_definition_names tables (PRM DB) according to [UPD] Device definition data model_EN
Render a response according to specification.